from flask import Blueprint, session, redirect, url_for, flash, render_template, request

auth_bp = Blueprint('auth', __name__)

# 管理员账号和密码（简单实现，生产环境应使用数据库和加密）
ADMIN_USERNAME = 'admin'
ADMIN_PASSWORD = 'password'


@auth_bp.route('/admin/login', methods=['GET', 'POST'])
def admin_login():
    """管理员登录"""
    if request.method == 'POST':
        username = request.form.get('username')
        password = request.form.get('password')

        if username == ADMIN_USERNAME and password == ADMIN_PASSWORD:
            session['logged_in'] = True
            return redirect(url_for('admin.admin'))
        else:
            flash('Invalid credentials', 'error')

    return render_template('login.html')


@auth_bp.route('/admin/logout')
def admin_logout():
    """管理员登出"""
    session.pop('logged_in', None)
    return redirect(url_for('posts.index'))
